Endpoint Protection for Business Features

Read what people say are the most valuable features of the solutions they use.
Karthik Balakrishnan says in a Carbon Black CB Defense review
Senior Security Consultant at a manufacturing company with 10,001+ employees
Carbon Black Defense has a higher detection ratio because it's cloud-based and it also does a lookup to virus total, so it is out of like 65 vendors that are normally listed in virus total, if there are any kind of hits out of those, in that case, it is getting recognized as a known Malware or a suspected Malware. Under these categorizations, we are able to see a spike in the detection ratio. It is enlightening us with respect to what are the programs that are generally used in our environment and how they are compliant with our environment. View full review »
Randy Potts says in an enSilo review
CISO at a financial services firm with 201-500 employees
NGAV and EDR features are outstanding. View full review »
Ilan Amir says in a Nyotron PARANOID review
Global IT Manager at a pharma/biotech company with 501-1,000 employees
First of all, it does the job. It prevents harm to the operating system. Also, the visibility it gives to the user and to the administrator is very good, it provides visibility in a very convenient, easy way. View full review »
Jayandra Wickramasinghe says in a Carbon Black CB Defense review
Senior Systems engineer at a tech services company
Carbon Black Cb Defense has a nice component called Alert Triage. It has helped to detect threats across the data. It contains full details of the process execution "kill chain" and "go live" for immediate remediation. View full review »
Leonardo Meneses says in a Carbon Black CB Defense review
Incident Response Analyst at a security firm with 51-200 employees
The go live, because it is possible to answer incidents while they are still occurring and minimize the effects. View full review »
Brody Wright says in a Carbon Black CB Defense review
System Analyst at a hospitality company with 1,001-5,000 employees
* The software uses very few resources; it is almost invisible to the end user. * Behavioral Monitoring stops known malicious events before they even begin. * The whitelist: Being a Casino, we have some odd software packages. Being able to whitelist them is a must. * The option to quarantine a device and use the cloud-based portal to gain a “shell” on the infected machine. With this, we can dump the entire system memory to a machine in our lab, then run analysis. View full review »
Principal Consultant - Security at Insentra
There are a number of features that all work synergistically to be able to provide the protection. Originally, anti-virus was based on definition. About 10 years ago, the bad guys figured out how to get past that. So what they've been doing for the past 10 years is adding in additional features to help mitigate any of these other attack vectors that the hackers or malicious people have. So it's just a working together of all these components that makes it special. And then SEP itself fits into the Symantec ecosystem, and inter-operates with a number of other technologies to provide a comprehensive security portfolio. I think the key thing for me, is interoperability, in that you can deploy it to Windows, Mac, and Linux. That's been a really important feature in the last two years. Now there's one management console to cover all three OSs. There are two key aspects to how it has improved. One is the threats that it protects the organization from versus the amount of resource utilization; and two is that compatibility has increased. View full review »
Andrew S. Baker (ASB) says in a Cylance review
Cybersecurity & IT Professional (VirtualCIO) at a tech services company with 1-10 employees
The CylancePROTECT agent is very low on CPU usage, so it has virtually no adverse impact on my servers, desktops, or workstations. I am also quite impressed with its ability to protect systems against zero-day threats due to the machine learning algorithm, which powers its database. Databases, as old as 2015, are able to accurately detect 2017-era threats, such as WannaCry and other ransomware. View full review »
Lilly Froud says in an ESET Endpoint Security review
Senior Systems Engineer at a tech services company with 51-200 employees
Management console, where you can manage all devices on the network from your PC. View full review »
Enterprise Information Security Engineer at a tech services company with 201-500 employees
I would have said the VirusScan, but with the advent of ransomware, the VirusScan hasn’t been that impressive. View full review »
MartinCarnegie says in a BigFix review
Senior Consultant at a tech services company with 10,001+ employees
* Patching support: IBM BigFix supports most of the major OSs with natively packages patches. This includes Windows, MacOSX, Oracle Linux, Solaris, AIX, RedHat, Ubuntu and others. * Pre-packaged support for many third-party applications such as Adobe, Google, Mozilla, Sun (Java), WinZip, and others. * Near real-time view of the environment. Most systems will report their current patch state within 15 minutes. * The IBM BigFix console provides a single pane view into the entire environment. This also provides a common interface for taking actions, such as patching, to any operating system with a similar look and feel. * Ease of installation, maintenance and troubleshooting. IBM BigFix is one of the easiest tools to install for an Endpoint Management tool, especially compared to IBM’s predecessors and Microsoft’s SCCM. As an example, the first time installing IBM BigFix in my lab with about 10 systems took approximately one hour from start of installation to applying OS patches. IBM BigFix is also very easy to scale by adding new relays. The design is flexible enough to be able to “add as you go” without having to perform a major architectural review. * For troubleshooting, the log file structure is very simple, as most files are in the same place and have a standard format. * Adding new components such as IBM BigFix Compliance or IBM BigFix Inventory does not require new agents to be installed. By enabling the content, by clicking on a hyperlink in the License Management Dashboard, and taking action with a couple packages, the infrastructure is ready to start gathering more information. * Reporting capabilities: With the IBM BigFix console, I am able to quickly provide information to any group. With the use of the IBM BigFix Web Reports, I am able to design reports that I can save and provide to users to execute when they desire. These reports can also be scheduled to run and email the users. View full review »
Director at a tech services company with 11-50 employees
It is easy to implement and very stable. The AV device control and HIPS are very impressive. Just implement it and it's done. No troubleshooting efforts are required to make the policies work. View full review »
Owner with self employed
I originally posted the most valuable feature is centralized management - after consideration, I realized this is not accurate. I've used the on-premise and cloud versions of SEP. I prefer cloud versions as it is centralized and easy to manage, but every cloud managed solution does this. I have many cloud managed solutions I use, but I've found SEP to be quirky and inefficient at best. My personal experience is the protection works well. I haven't had an infected computer in years (managing 300 devices now, more over the years). The problem with the protection is I've encountered far too many computers where the licensing fails at some point after installation without warning or notice. You have to check each computer routinely to verify the license is good and the agent is updating. This directly impacts the core reliability of the product since license "expiration" (failure) prevents the agent from updating. View full review »
Avraham Sonenthal says in a FortiClient review
Senior Network Engineer at a government with 5,001-10,000 employees
This is a standard VPN client, and it works for our requirements. View full review »
Darrick Kristich says in a Carbon Black CB Defense review
Founder/CEO at Sedara
The biggest feature out of Carbon Black is its ability to dive in with more depth. You can look at the entire kill chain and understand, not only if an alarm or identified incident is truly a true security issue versus a false positive, and it allows us to backtrack and figure out why it actually happened and how it got into the environment. It also helps us determine what other things may have been impacted along with it, from an asset standpoint. It allows us to go into more depth than a more traditional antivirus, like Symantec. Symantec is more of a traditional antivirus. A lot of it is signature-based. It works quite well for normal protection. It is pretty stable and consistent. It seems to work across the board. There are no real issues to speak of it, which is a definitely a positive thing. One of the more beneficial things is that it does include the active endpoint firewall with it, which allows your endpoints to have a bit more above the standard Windows firewall, then collect all the logs from that. This is a good feature from their firewall piece. Also, the logging out of Symantec is quite good, as you put a lot of great logs into a SIEM or any other log collector from the platform. The difference between the two products is the level of visibility and depth that you get when investigating alarms or issues. You can go a bit deeper with Carbon Black. Symantec does have an additional add-on, which we have not seen since it is a relatively new component. They call it Advanced Threat Protection. It uses the same endpoint, but has a separate license with additional costs, which is meant to allow you to go a little deeper in terms of endpoint and incident investigations. However, it doesn't provide the interactive drill down, prevention, and response capabilities that you need to be able to isolate a system, delete files, or actively kill processes which have been helpful with Carbon Black. View full review »
Group Brand Manager at a comms service provider with 51-200 employees
The solution offers a Device Control policy to block all USB thumb drives and all USB hard drives. We use this feature for some areas here in the company and it's been great for us because these areas contain very important information and we are doing everything we can to avoid breaches, data theft, and data leaks. View full review »
Raul Rivera says in a Palo Alto Networks Traps review
Manager, Communications and Security at GFR Media
The one feature that our organization finds most valuable is being able to control the USB ports on the endpoints View full review »
Senior Security Analyst at HBZ
The manual production is what drew us to Kaspersky Endpoint Security. View full review »
Solutions Specialist Security at COMPAREX India Pvt. Ltd.
It has very unique features, which are not available with other vendors. E.g., there is a feature called SONAR. You can integrate it using ATP, so all the endpoints communicate to each other on the security platform. 17 million sensors are fitted all over the world. View full review »
Consultant at Godimo IT
The fact that it has centralized management is the most valuable feature. In addition, the support from Symantec is very important. It is a global company and they give very good support. That is an important factor here because we are sitting in Africa and getting support on time can be a bit tougher. In this way, Symantec is a good fit for us. Also, the console is very user-friendly. It is easy to understand, easy to play with it, easy to make up policies. And you can customize your policies. It's not like there's a set of policies that has been set out. Other products also have this kind of feature, but it is more user-friendly and a better product with better support. View full review »
Zed Burnett says in a SentinelOne review
Field Technician at Sonrise Technology Solutions
I have found the activity timeline and threat analysis to be particularly useful. View full review »
Eng Ahmad says in a Bitdefender GravityZone review
Datacenter Engineer at a university with 501-1,000 employees
They are constantly updating the solution against malware. View full review »
ICT Manager at a tech vendor with 501-1,000 employees
The encryption is the most valuable feature. View full review »
Secu8765 says in a CrowdStrike review
Security Engineer at a tech services company with 11-50 employees
When something is detected you can log into the GUI and you can get very specific details about what happened. It's very helpful for investigating incidents and this sort of thing. View full review »
MauricioTorres says in a Check Point Endpoint Security review
Operations Director at a tech services company with 1-10 employees
The most valuable features are the innovations that they release in every version. The end-user facilities for managing the tool are also good. View full review »

Sign Up with Email